Initial commit - install hooks

hooks/install

@@ -0,0 +1 @@
+swift-proxy-relations

hooks/start

@@ -0,0 +1 @@
+swift-proxy-relations

hooks/stop

@@ -0,0 +1 @@
+swift-proxy-relations

hooks/swift-proxy-common

@@ -0,0 +1,64 @@
+#!/bin/bash
+set -ue
+# For openssl cert generation
+COUNTRY="US"
+STATE="OR"
+LOCALE="Portland"
+COMMON_NAME="swift-proxy.ensemble-test.com"
+
+DEFAULT_ETH=$(ip route  | grep default | awk '{ print $5 }')
+IP=$(ifconfig  $DEFAULT_ETH | grep 'inet addr' | awk '{ print $2 }' | cut -d: -f2)
+
+# TODO: Need to use different addresses for internal swift traffic
+# as this the only security measure in place is network isolation
+PROXY_LOCAL_NET_IP=$IP
+
+PACKAGES="swift swift-proxy memcached"
+
+SWIFT_HASH_FILE="/var/lib/ensemble/swift-hash-path.conf"
+
+# generate the swift hash to be used for salting URLs of objects.
+# TODO: its important this is never lost, find out some way of getting
+# it off the server and into a sys admins INBOX?
+if [[ ! -e $SWIFT_HASH_FILE ]] ; then
+  echo "swift-proxy: Generating a new SWIFT_HASH in $SWIFT_HASH_FILE"
+  echo $(od -t x8 -N 8 -A n </dev/random) >$SWIFT_HASH_FILE
+fi
+
+function set_swift_hash {
+  # TODO: Do this with augeas and put in a utility function for use elsewhere
+  cat >/etc/swift/swift.conf <<EOF
+[swift-hash]
+# random unique string that can never change (DO NOT LOSE)
+swift_hash_path_suffix = `cat $SWIFT_HASH_FILE` 
+EOF
+}
+
+function create_proxy_conf {
+cat >/etc/swift/proxy-server.conf <<EOF
+[DEFAULT]
+cert_file = /etc/swift/cert.crt
+key_file = /etc/swift/cert.key
+bind_port = 8080
+workers = 8
+user = swift
+
+[pipeline:main]
+pipeline = healthcheck cache tempauth proxy-server
+
+[app:proxy-server]
+use = egg:swift#proxy
+allow_account_management = true
+
+[filter:tempauth]
+use = egg:swift#tempauth
+user_system_root = testpass .admin https://$PROXY_LOCAL_NET_IP:8080/v1/AUTH_system
+
+[filter:healthcheck]
+use = egg:swift#healthcheck
+
+[filter:cache]
+use = egg:swift#memcache
+memcache_servers = $PROXY_LOCAL_NET_IP:11211
+EOF
+}

hooks/swift-proxy-relations

@@ -0,0 +1,31 @@
+#!/bin/bash
+set -ue
+FORMULA_DIR=$(dirname $0)
+ARG0=${0##*/}
+
+if [[ -e $FORMULA_DIR/swift-proxy-common ]] ; then
+  . $FORMULA_DIR/swift-proxy-common
+else
+  echo "ERROR: Could nto load swift-proxy-common from $FORMULA_DIR"
+fi
+
+function install_hook {
+  apt-get -y install $PACKAGES || exit 1
+  [[ ! -d /etc/swift ]] && mkdir /etc/swift
+  set_swift_hash || exit 1
+  create_proxy_conf
+  if [[ ! -e /etc/swift/cert.crt ]] ; then
+    openssl req -new -x509 -nodes \
+      -out /etc/swift/cert.crt \
+      -keyout /etc/swift/cert.key \
+      -subj "/C=$COUNTRY/ST=$STATE/L=$LOCALE/CN=$COMMON_NAME"
+  fi
+  perl -pi -e "s/-l 127.0.0.1/-l $PROXY_LOCAL_NET_IP/" /etc/memcached.conf
+  service memcached restart
+}
+
+case $ARG0 in
+  "install") install_hook ;;
+  "start"|"stop") exit 0 ;;
+esac
+

metadata.yaml

@@ -0,0 +1,13 @@
+ensemble: formula
+name: swift-proxy
+revision: 7 
+summary: "Swift proxy node"
+description: |
+  Swift is a distributed virtual object store. This formula deploys the proxy node
+  to be related to storage nodes.
+provides:
+  proxy-node:
+    interface: swift
+requires:
+  storage-node:
+    interface: swift